openssl_0.9.8o-3~bpo50+1_i386.changes is NEW
(new) libcrypto0.9.8-udeb_0.9.8o-3~bpo50+1_i386.udeb optional debian-installer
crypto shared library - udeb
libcrypto shared library.
.
Do not install it on a normal system.
(new) libssl-dev_0.9.8o-3~bpo50+1_i386.deb optional libdevel
SSL development libraries, header files and documentation
libssl and libcrypto development libraries, header files and manpages.
.
It is part of the OpenSSL implementation of SSL.
(new) libssl0.9.8-dbg_0.9.8o-3~bpo50+1_i386.deb extra debug
Symbol tables for libssl and libcrypto
This package is part of the OpenSSL implementation of SSL.
(new) libssl0.9.8_0.9.8o-3~bpo50+1_i386.deb important libs
SSL shared libraries
libssl and libcrypto shared libraries needed by programs like
apache-ssl, telnet-ssl and openssh.
.
It is part of the OpenSSL implementation of SSL.
(new) openssl_0.9.8o-3~bpo50+1.debian.tar.gz optional utils
(new) openssl_0.9.8o-3~bpo50+1.dsc optional utils
(new) openssl_0.9.8o-3~bpo50+1_i386.deb optional utils
Secure Socket Layer (SSL) binary and related cryptographic tools
This package contains the openssl binary and related tools.
.
It is part of the OpenSSL implementation of SSL.
.
You need it to perform certain cryptographic actions like:
- Creation of RSA, DH and DSA key parameters;
- Creation of X.509 certificates, CSRs and CRLs;
- Calculation of message digests;
- Encryption and decryption with ciphers;
- SSL/TLS client and server tests;
- Handling of S/MIME signed or encrypted mail.
(new) openssl_0.9.8o.orig.tar.gz optional utils
Changes: openssl (0.9.8o-3~bpo50+1) lenny-backports; urgency=low
.
* Rebuild for lenny-backports.
* Add myself as an uploader.
.
openssl (0.9.8o-3) unstable; urgency=high
.
* Fix TLS extension parsing race condition (CVE-2010-3864) (Closes: #603709)
* Re-add the engines. They were missing since 0.9.8m-1.
Patch by Joerg Schneider. (Closes: #603693)
* Not all architectures were build using -g (Closes: #570702)
* Add powerpcspe support (Closes: #579805)
* Add armhf support (Closes: #596881)
* Update translations:
- Brazilian Portuguese (Closes: #592154)
- Danish (Closes: #599459)
- Vietnamese (Closes: #601536)
- Arabic (Closes: #596166)
* Generate the proper stamp file so that everything doesn't get build twice.
.
openssl (0.9.8o-2) unstable; urgency=high
.
* Fix CVE-2010-2939: Double free using ECDH. (Closes: #594415)
.
openssl (0.9.8o-1) unstable; urgency=low
.
* New upstream version
- Add SHA2 algorithms to SSL_library_init().
- aes-x86_64.pl is now PIC, update pic.patch.
* Add sparc64 support (Closes: #560240)
.
openssl (0.9.8n-1) unstable; urgency=high
.
* New upstream version.
- Fixes CVE-2010-0740.
- Drop cfb.patch, applied upstream.
.
openssl (0.9.8m-2) unstable; urgency=low
.
* Revert CFB block length change preventing reading older files.
(Closes: #571810, #571940)
.
openssl (0.9.8m-1) unstable; urgency=low
.
* New upstream version
- Implements RFC5746, reenables renegotiation but requires the extension.
- Fixes CVE-2009-3245
- Drop patches CVE-2009-4355.patch, CVE-2009-1378.patch,
CVE-2009-1377.patch, CVE-2009-1379.patch, CVE-2009-3555.patch,
CVE-2009-2409.patch, CVE-2009-1387.patch, tls_ext_v3.patch,
no_check_self_signed.patch: applied upstream
- pk7_mime_free.patch removed, code rewritten
- ca.diff partially applied upstream
- engines-path.patch adjusted, upstream made some minor changes to the
build system.
- some flags changed values, bump shlibs.
* Switch to 3.0 (quilt) source package.
* Make sure the package is properly cleaned.
* Add ${misc:Depends} to the Depends on all packages.
* Fix spelling of extension in the changelog file.
.
openssl (0.9.8k-8) unstable; urgency=high
.
* Clean up zlib state so that it will be reinitialized on next use and
not cause a memory leak. (CVE-2009-4355, CVE-2008-1678)
.
openssl (0.9.8k-7) unstable; urgency=low
.
* Bump the shlibs to require 0.9.8k-1. The following symbols
to added between g and k: AES_wrap_key, AES_unwrap_key,
ASN1_TYPE_set1, ASN1_STRING_set0, asn1_output_data_fn,
SMIME_read_ASN1, BN_X931_generate_Xpq, BN_X931_derive_prime_ex,
BN_X931_generate_prime_ex, COMP_zlib_cleanup, CRYPTO_malloc_debug_init,
int_CRYPTO_set_do_dynlock_callback, CRYPTO_set_mem_info_functions,
CRYPTO_strdup, CRYPTO_dbg_push_info, CRYPTO_dbg_pop_info,
CRYPTO_dbg_remove_all_info, OPENSSL_isservice, OPENSSL_init,
ENGINE_set_load_ssl_client_cert_function,
ENGINE_get_ssl_client_cert_function, ENGINE_load_ssl_client_cert,
EVP_CIPHER_CTX_set_flags, EVP_CIPHER_CTX_clear_flags,
EVP_CIPHER_CTX_test_flags, HMAC_CTX_set_flags, OCSP_sendreq_new
OCSP_sendreq_nbio, OCSP_REQ_CTX_free, RSA_X931_derive_ex,
RSA_X931_generate_key_ex, X509_ALGOR_set0, X509_ALGOR_get0,
X509at_get0_data_by_OBJ, X509_get1_ocsp
.
openssl (0.9.8k-6) unstable; urgency=low
.
* Disable SSL/TLS renegotiation (CVE-2009-3555) (Closes: #555829)
.
openssl (0.9.8k-5) unstable; urgency=low
.
* Don't check self signed certificate signatures in X509_verify_cert()
(Closes: #541735)
.
openssl (0.9.8k-4) unstable; urgency=low
.
* Split all the patches into a separate files
* Stop undefinging HZ, the issue on alpha should be fixed.
* Remove MD2 from digest algorithm table. (CVE-2009-2409) (Closes: #539899)
.
openssl (0.9.8k-3) unstable; urgency=low
.
* Make rc4-x86_64 PIC. Based on patch from Petr Salinger (Closes: #532336)
* Add workaround for kfreebsd that can't see the different between
two pipes. Patch from Petr Salinger.
.
openssl (0.9.8k-2) unstable; urgency=low
.
* Move libssl0.9.8-dbg to the debug section.
* Use the rc4 assembler on kfreebsd-amd64 (Closes: #532336)
* Split the line to generate md5-x86_64.s in the Makefile. This will
hopefully fix the build issue on kfreebsd that now outputs the file
to stdout instead of the file.
* Fix denial of service via an out-of-sequence DTLS handshake message
(CVE-2009-1387) (Closes: #532037)
.
openssl (0.9.8k-1) unstable; urgency=low
.
* New upstream release
- 0.9.8i fixed denial of service via a DTLS ChangeCipherSpec packet
that occurs before ClientHello (CVE-2009-1386)
* Make aes-x86_64.pl use PIC.
* Fix security issues (Closes: #530400)
- "DTLS record buffer limitation bug." (CVE-2009-1377)
- "DTLS fragment handling" (CVE-2009-1378)
- "DTLS use after free" (CVE-2009-1379)
* Fixed Configure for hurd: use -mtune=i486 instead of -m486
Patch by Marc Dequènes (Duck) <duck@hurdfr.org> (Closes: #530459)
* Add support for avr32 (Closes: #528648)
.
openssl (0.9.8g-16) unstable; urgency=high
.
* Properly validate the length of an encoded BMPString and UniversalString
(CVE-2009-0590) (Closes: #522002)
Override entries for your package:
Announcing to debian-backports-changes@lists.debian.org
Your package contains new components which requires manual editing of
the override file. It is ok otherwise, so please be patient. New
packages are usually added to the override file about once a week.
You may have gotten the distribution wrong. You'll get warnings above
if files already exist in other distributions.
ist in other distributions.
Reply to: